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DETAILED ACTION 

Claims 1-8,10-16,18-23, and 25-37 have been considered. 

Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 

rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious 
at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention 
was made. 

Claims 1-2,5,7,11-13,18-20,26,29-32, and 36-37 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Lipsit, EP 0820207 A2, in view of Takae, U.S. Patent Application Publication No. 
2002/0034940, in further view of of Chmaytelli, U.S. Patent No. 6,542,729. 

As per claims 1 and 18, the applicant describes an apparatus to unblock a security device issued 
to an end user comprising the following limitations which are met by Lipsit in view of Takae in further view 
of Chmaytelli: 

a) a client-side transfer agent for securely transferring information among the unblocking service, 
the end user, and the security device (Lipsit: page 5, line 47 to page 6, line 17); 

b) an agent-side transfer agent for securely transferring information between the unblocking 
service and a security agent (Lipsit: page 5, line 47 to page 6, line 17); 

c) an Unblock Authorization Code (UAC) generated after verification by the security agent and 
securely transferred from the agent-side transfer agent to the unblocking service, wherein verification 
comprises verifying the end user is assigned the security device while the end user is in possession of the 
security device (Lipsit: page 5, lines 47-50; Takae: [0084]); 



Application/Control Number: 09/932,882 Page 3 

Art Unit: 2137 

d) an Unblock Code (UBC) securely transferred from the unblocking service to the client-side 
transfer agent, wherein the client-side transfer agent uses the UBC to unblock the security device, 
(Chmaytelli: Col 8, lines 59-66); 

e) an unblocking service for establishing a secure gateway and storing the UAC and UBC (Lipsit: 
5 page 5, lines 47-50; Chmaytelli: Col 8, lines 59-66); 

Lipsit describes a system in which a secure gateway (38 of Fig 1) is used to coordinate 
unblocking of a security device. A subscription service provider transfers data into the secure gateway 
including serial numbers and security codes which assist in the unblocking process. 

Lipsit, however, fails to disclose verification while an end user is in possession of the device. 

10 Specifically, it appears that the verification process for a user to receive a security code for a device takes 
place while a user is awaiting possession of a device (e.g. overnight delivery, second day delivery, etc) 
(Col 5, lines 45-46) and not while the user is actually in possession of a device. Takae discloses the well- 
known idea that a verification process may take place while a user is in possession of a device. 
Combining the ideas of Takae with those of Lipsit allows the verification procedure to take place while the 

1 5 user is in possession of the device. It would have been obvious to one of ordinary skill in the art at the 
time the invention was filed to combine the ideas of Takae with those of Lipsit makes the system more 
robust and secure for at least the reason that it provides more opportunity for authentication. 

Lipsit in view of Takae disclose unblocking a remote device, but do not specifically disclose 
sending an unblock code to the device. In Lipsit in view of Takae, the unblocking of the device is done at 

20 the secure gateway. 

Chmaytelli, discloses that a device may be physically locked and an unblock code may be sent to 
a device to unblock the device. Whereas Lipsit in view of Takae merely disclose unblocking of a device 
at a secure gateway, the combination as prescribed incorporates an unblock signal that may be received 
to further local unblocking of the device. Through the combination of Chmaytelli, the device in Lipsit in 

25 view of Takae's system may be physically blocked and requiring of an unblock code to be sent to locally 
render the device unblocked. It would have been obvious to one of ordinary skill in the art at the time the 
invention was filed to combine the ideas of Chmaytelli with those of Lipsit in view of Takae because doing 
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so makes the system more robust and secure because it incorporates the element that a device may be 
physically blocked and requiring of a local unblock code. 

As per claims 2 and 19, the applicant describes the apparatus of claims 1 and 18, which are met 
by Lipsit in view of Takae in further view of Chmaytelli, with the following limitation which is also met by 
Lipsit: 

Wherein the security agent unblocks the security device from a remote location (page 5, line 47 to 
page 6, line 17). 

As per claims 5 and 20, the applicant describes the apparatus of claims 1 and 18, which are met 
by Lipsit in view of Takae in further view of Chmaytelli, with the following limitation which is also met by 
Lipsit: 

Wherein the end user is remote (page 5, line 47 to page 6, line 17). 

As per claim 7, the applicant describes the apparatus of claim 1 , which is met by Lipsit in view of 
Takae in further view of Chmaytelli, with the following limitation which is also met by Lipsit: 
Wherein the apparatus is accessible via a web interface (page 5, lines 1-13). 

As per claims 11-13 and 26, the applicant describes the apparatus of claims 1 and 18, which are 
met by Lipsit in view of Takae in further view of Chmaytelli, with the following limitation which is met by 
Lipsit: 

Wherein the UAC is accepted upon correlation of an end user identifier and a security device 
identifier (Lipsit: page 5, line 47 to page 6, line 17). 

As per claims 29,36, and 37, the applicant describes a method of unblocking a security device 
issued to an end user using a security agent comprising the following limitations which are met by Lipsit, 
Takae, and Chmaytelli: 
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a) gathering information from the end user and the security device (Lipsit: page 5, line 47 to page 
6, line 17); 

b) verifying the information gathered from the end user and the security device (Lipsit: page 5, 
line 47 to page 6, line 17); 

5 c) contacting the security agent by the end user (Lipsit: page 5, lines 42-55); 

d) supplying end user information verbally to the security agent (Lipsit: page 5, lines 42-55); 

e) verifying identity of the end user by the security agent using an identity verification mechanism 
(Lipsit: page 5, lines 42-55); 

f) generating an Unblock Authorization Code (UAC) after verification by the security agent, 

10 wherein verification comprises verifying the end user is assigned the security device while the end user is 
in possession of the security device (Lipsit: page 5, line 47 to page 6, line 17; Takae: [0084]); 

g) delivering the UAC to an unblocking service (Lipsit: page 5, line 47 to page 6, line 17); 

h) storing the UAC against a security device record in a directory service (Lipsit: page 5, line 47 to 
page 6, line 17); 

15 i) supplying the UAC from the security agent to the end user (Lipsit: page 5, line 47 to page 6, line 

17); 

j) applying the UAC to a client-side transfer agent by the end user (Lipsit: page 5, line 47 to page 
6, line 17); 

k) delivering the UAC securely from the client-side transfer agent to the unblocking service (Lipsit: 
20 page 5, line 47 to page 6, line 17); 

I) verifying the UAC of the client-side transfer agent and an agent-side transfer agent match 
through the unblocking service (Lipsit: page 5, line 47 to page 6, line 17); 

m) requesting an Unblock Code (UBC) from the directory service (Chmaytelli: Col 8, lines 59-63); 

o) unblocking the security device by transferring the UBC from the directory service to the client- 
25 side transfer agent (Chmaytelli: Col 8, lines 59-63). 
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As per claims 30-32, the applicant describes the method of claim 29, which is met by Lipsit in 
view of Takae in further view of Chmaytelli, with the following limitation which is met by Lipsit: 

Wherein the security device identifier is a serial number (Lipsit: page 5, line 47 to page 6, line 17). 

5 Claims 3-4 and 22-23 rejected under 35 U.S.C. 103(a) as being unpatentable over Lipsit in view 

of Takae in further view of Chmaytelli in further view of Menezes, (Menezes, Alfred J. Handbook of 
Applied Cryptography. 1997. CRC Press. Pages 15-17 and 388-390). 

As per claims 3 and 22, the applicant describes the apparatus of claims 1 and 18, which are met 
10 by Lipsit in view of Takae in further view of Chmaytelli, with the following limitation which is met by 
Menezes: 

Wherein an end user identifier and a password is presented by the end user for the client-side 
transfer agent to connect to the unblocking service (Menezes: 388); 

Lipsit in view of Takae in further view of Chmayelli discloses all the limitations of claims 1 and 18. 
15 Lipsit in view of Takae in further view of Chmaytelli also discloses that a password may be presented by 
the end user for the client-side transfer agent to connect to the unblocking service (page 4, lines 51-54). 
Lipsit in view of Takae in further view of Chmaytelli, however, does not disclose that the password is 
presented with an end user identifier as an end user/password pain 

Menezes discloses the idea that a password is typically presented with an end user identifier as 
20 an end user identifier/password pair. It would have been obvious to one of ordinary skill in the art at the 
time the invention was filed to combine the ideas of Menezes with those of Lipsit in view of Takae in 
further view of Chmaytelli because authenticating an end user with an end user identifier/password pair 
allows each end user to maintain their own personal password rather than just having one universal 
password. This enhances security in the system because a hacker needs to know two pieces of 
25 information (the end user identifier and the password) instead of just one piece of information. 
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As per claims 4 and 23, the applicant describes the apparatus of claims 1 and 18, which are met 
by Lipsit in view of Takae in further view of Chmaytelli, with the following limitation which is met by 
Menezes: 

Wherein the secure gateway is configured to perform an authentication process for every transfer 
5 between the client-side transfer agent and the unblocking service (Menezes: 15). 

Lipsit in view of Takae in further view of Chmaytelli is silent as to how data is transferred between 
the client-side transfer agent and the unblocking service. If the data were encrypted with a symmetric 
key, an authentication process would be performed for every data transfer since only an authorized user 
should have the symmetric key. 

0 

Claims 6 and 21 are rejected under 35 U.S.C. 103(a) as being unpatentable over Lipsit in view of 
Takae in further view of Chmaytelli in further view of Gien, U.S. Patent Application Publication No. 
2002/0112156. 



15 As per claims 6 and 21, the applicant describes the apparatus of claims 1 and 18, which are met 

by Lipsit in view of Takae in further view of Chmaytelli, with the following limitation which is met by Gien: 
Wherein the security device is a smart card (Gien: [0105]); 

Lipsit in view of Takae in further view of Chmaytelli discloses all the limitations of claims 1 and 1 8. 
However, Lipsit in view of Takae in further view of Chmaytelli does not specifically disclose that the 
20 security device which is being unblocked is a smart card. Gien discloses the idea of unblocking a smart 
card. It would have been obvious to one of ordinary skill in the art at the time the invention was filed to 
combine the ideas of Gien with those of Lipsit in view of Takae in further view of Chmaytelli because a 
smart card is another type of security device which could benefit from the efficient unblocking techniques 
of the system. 



25 
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Claims 10 and 25 are rejected under 35 U.S.C. 103(a) as being unpatentable over Lipsit in view 
of Takae in further view of Chmaytelli in further view of Binder, U.S. Patent Application Publication No. 
2002/0138553. 

5 As per claims 10 and 25, the applicant describes the apparatus of claims 1 and 18, which are met 

by Lipsit in view of Takae in further view of Chmaytelli, with the following limitation which is met by Binder: 

The client-side transfer agent is configured to check periodically at a configurable frequency for 
the UAC (Binder: [0036]); 

Lipsit in view of Takae in further view of Chmaytelli disclose all the limitations of claims 1 and 1 8. 
10 However, Lipsit in view of Takae in further view of Chmaytelli do not disclose checking at a configurable 
frequency for the UAC. 

Binder discloses this idea in a networking system in which a client is set to check at a 
configurable frequency for a generated message. As disclosed by Binder, this functionality is 
advantageous because it eliminates the costly and unnecessary need for the user to maintain a constant 
15 open connection between a client and a server [0027]. It would have been obvious to one of ordinary skill 
in the art at the time the invention was filed to combine the ideas of Binder with those of Lipsit in view of 
Takae in further view of Chmaytelli because having a client check for a UAC at a configurable frequency 
eliminates the costly and unnecessary need for the user to maintain a constant open connection with the 
unblocking service. 

20 

Claims 8,14-16 and 27 are rejected under 35 U.S.C. 103(a) as being unpatentable over Lipsit in 
view of Takae in further view of Chmaytelli in further view of Menezes. 



25 



As per claims 14-16, and 27, the applicant describes the apparatus of claims 1 and 18, which are 
met by Lipsit in view of Takae in further view of Chmaytelli, with the following limitation which is met by 
Menezes: 
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Wherein the UBC is provided by the unblocking service to the client-side transfer agent after 
correlation of an end user identifier, a password pair, and a security device identifier (Menezes: page 
388); 

Lipsit in view of Takae in further view of Chmaytelli discloses all the limitations of claims 1 and 18. 
Lipsit also discloses that a password may be presented by the end user for the client-side transfer agent 
to connect to the unblocking service (page 4, lines 51-54). Lipsit in view of Takae in further view of 
Chmaytelli, however, does not disclose that the password is presented with an end user identifier as an 
end user/password pair. 

Menezes discloses the idea that a password is typically presented with an end user identifier as 
an end user identifier/password pair. It would have been obvious to one of ordinary skill in the art at the 
time the invention was filed to combine the ideas of Menezes with those of Lipsit in view of Takae in 
further view of Chmaytelli because authenticating an end user with an end user identifier/password pair 
allows each end user to maintain their own personal password rather than just having one universal 
password. This enhances security in the system because a hacker needs to know two pieces of 
information (the end user identifier and the password) instead of just one piece of information. 

As per claim 8, the applicant describes the apparatus of claim 3, which is met by Lipsit in view of 
Takae in further view of Chmaytelli in further view of Menezes, with the following limitation which is met by 
Chmaytelli: 

Wherein the end user identifier is an e-mail address (Chmaytelli: Col 8, lines 54-59); 

Claim 28 is rejected under 35 U.S.C. 103(a) as being unpatentable over Lipsit in view of Menezes 
in further view of Takae in further view of Chmaytelli in further view of Binder 

As per claim 28, the applicant describes a method of unblocking a security device issued to an 
end user comprising the following limitations which are met by Lipsit, Menezes, Takae, Chmaytelli, and 
Binder: 
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a) establishing a secure gateway by an unblocking service (Lipsit: Fig 1; page 5, line 47 to page 
6, line 17); 

b) transferring information among the unblocking service, the end user, and the security device in 
a secure manner (Lipsit: page 5, line 47 to page 6, line 17); 

5 c) transferring information between the unblocking service and the security agent in a secure 

manner (Lipsit: page 5, line 47 to page 6, line 17); 

d) presenting an end user identifier and a password pair by the end user for a client-side transfer 
agent (Lipsit: page 4, lines 51-54; Menezes; page 388); 

e) performing an authentication process for every transfer between the client-side transfer agent 
10 and the unblocking service (Lipsit: page 4, lines 51-54; Menezes: page 15); 

f) generating an Unblock Authorization Code (UAC) after verification by a security agent, wherein 
verification comprises verifying the end user is assigned the security device while the end user is in 
possession of the security device (Lipsit: page 5, lines 47-50; Takae: [0084]); 

g) transferring the UAC securely from an agent-side transfer agent to the unblocking service 
15 (Lipsit: page 5, line 47 to page 6, line 17); 

g) supplying the UAC to the end user by the security agent (Lipsit: page 5, line 47 to page 6, line 

17); 

h) applying the UAC to the client-side transfer agent by the end user (Lipsit: page 5, line 47 to 
page 6, line 17); 

20 i) transferring the UAC securely from the client-side transfer agent to the unblocking service 

(Lipsit: page 5, line 47 to page 6, line 17); 

j) verifying the UAC transferred by the client-side transfer agent and the agent-side transfer agent 
match through the unblocking service (Lipsit: page 5, line 47 to page 6, line 17); 

k) transferring an Unblock Code (UBC) securely from the unblocking service to the client-side 
25 transfer agent (Chmaytelli: Col 8, lines 59-66); 

I) unblocking the security device using the UBC (Chmaytelli: Col 8, lines 59-63); 
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m) checking at a configurable frequency to determine whether the UAC is generated (Binder: 

[0036]); 

n) correlating the end user identifier and a security device identifier prior to acceptance of the 
UAC (Lipsit: page 5, line 47 to page 6, line 17); 
5 o) providing the UBC by the unblocking service to the client-side transfer agent after correlation of 

the end user identifier, the password pair, and the security device identifier (Chmaytelli: Col 8, lines 59- 
63). 

p) wherein the unblocking service stores the UAC and the UBC (Chmaytelli: Col 8, lines 59-63; 
Lispit: page 5, line 47 to page 6, line 17); 

0 

Claim 33 is rejected under 35 U.S.C. 103(a) as being unpatentable over Lipsit in view of Takae in 
further view of Chmaytelli in further view of Rosenberg, U.S. Patent Application Publication No. 
2003/0013434. 



15 As per claim 33, the applicant describes the method of claim 29, which is met by Lipsit in view of 

Takae in further view of Chmaytelli, with the following limitations which are met by Chimaytelli and 
Rosenberg: 

a) generating a new UBC (Chimaytelli: Col 8, lines 59-63; Rosenberg: [0072] to [0075]); 

b) setting the security device to the new UBC (Rosenberg: [0072] to [0075]); 

20 c) delivering the new UBC to the directory service (Rosenberg: [0072] to [0075]); 

Lipsit in view of Takae in further view of Chmaytelli disclose all the limitations of claim 29. 
Chmaytelli also discloses the idea of retrieving a UBC and sending the UBC to a security device so that it 
can be applied to unblock the device. Chmaytelli does not disclose the idea of generating a new UBC: 
Chmaytelli is silent as to whether the UBC is generated or simply retrieved from a list of existing UBCs. 

25 Rosenberg discloses the idea of generating a UBC (activation code) for a user and delivering the 

new UBC to a directory service where it can be obtained by the user. It would have been obvious to one 
of ordinary skill in the art at the time the invention was filed to combine the ideas of Rosenberg with those 
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of Lipsit in view of Takae in further view of Chmaytelli because generating a UBC instead of just retrieving 
it from a list enhances security in the system by generating fresh activation codes thereby curtailing the 
amount of time a hacker has to steal the activation code. 

Claim 34 is rejected under 35 U.S.C. 103(a) as being unpatentable over Lipsit in view of Takae in 
further view of Chmaytelli in further view of Angelo, U.S. Patent No. 5,949,882. 

As per claim 34, the applicant describes the method of claim 29, which is met by Lipsit in view of 
Takae in further view of Chmaytelli, with the following limitation which is met by Angelo: 

Verifying the security device is not already permanently blocked (Angelo: Col 1 1, lines 8-16); 

Lipsit in view of Takae in further view of Chmaytelli disclose all the limitations of claim 29. 
However, Lipsit in view of Takae in further view of Chmaytelli do not disclose verifying that the security 
device is not already permanently blocked. Angelo discloses a system in which a check is made on a 
security device to make sure it is not permanently blocked. It would have been obvious to one of ordinary 
skill in the art at the time the invention was filed to combine the ideas of Angelo with those of Lipsit in view 
Takae in further view of Chmaytelli because checking to make sure a device is not permanently blocked 
makes the system more efficient because resources are not wasted trying to unblock a device which is 
permanently blocked. 

Claim 35 is rejected under 35 U.S.C. 103(a) as being unpatentable over Lipsit in view of Takae in 
further view of Chmaytelli in further view of Rosenberg in further view of Angelo. 

As per claim 35, the applicant describes a method of unblocking a security device issued to an 
end user comprising the following limitations which are met by Lipsit, Takae, Chmaytelli, Rosenberg, and 
Angelo: 

a) gathering information from the end user and the security device (Lipsit: page 5, line 47 to page 
6, line 17); 
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b) verifying the information gathered from the end user and the security device (Lipsit: page 5, 
line 47 to page 6, line 17); 

c) contacting the security agent by the end user (Lipsit: page 5, line 47 to page 6, line 17); 

d) supplying end user information to the security agent (Lipsit: page 5, line 47 to page 6, line 17); 
5 e) verifying identity of the end user by the security agent using an identity verification mechanism 

(Lipsit: page 4, lines 51-54); 

f) generating an Unblock Authorization Code (UAC) after verification by the security agent, 
wherein verification comprises verifying the end user is assigned the security device while the end user is 
in possession of the security device (Lipsit: page 5, line 47 to page 6, line 1 7; Takae: [0084]); 
10 g) transferring the UAC to an unblocking service (Lipsit: page 5, line 47 to page 6, line 17); 

h) storing the UAC against a security device record in a directory service (Lipsit: page 5, line 47 to 
page 6, line 17); 

i) transferring the UAC to an unblocking service (Lipsit: page 5, line 47 to page 6, line 17); 

j) storing the UAC against a security device record in a directory service (Lipsit: page 5, line 47 to 
15 page 6, line 17); 

k) supplying the UAC from the security agent to the end user (Lipsit: page 5, line 47 to page 6, 

line 17); 

I) applying the UAC to a client-side transfer agent by the end user (Lipsit: page 5, line 47 to page 
6, line 17); 

20 m) delivering the UAC securely from the client-side transfer agent to the unblocking service 

(Lipsit: page 5, line 47 to page 6, line 17); 

n) verifying the UAC transferred by the client-side transfer agent and an agent-side transfer agent 
match through the unblocking service (Lipsit: page 5, line 47 to page 6, line 17); 

o) requesting an Unblock Code (UBC) from the directory service (Chmaytelli: Col 8, lines 59-66); 
25 p) unblocking the security device by transferring the UBC from the directory service to the client- 

side transfer agent (Chmaytelli: Col 8, lines 59-66); 
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q) gathering information from the end user using the client-side transfer agent (Lipsit: page 5, line 
47 to page 6, line 17); 

r) gathering information from the security device using the client-side transfer agent (Lipsit: page 
5, line 47 to page 6, line 17); 

s) generating a new UBC (Rosenberg: [0072] to [0075]); 

t) setting the security device to the new UBC (Rosenberg: [0072] to [0075]); 

u) delivering the new UBC to the directory service (Rosenberg: [0072] to [0075]); 

v) verifying the security device is not already permanently blocked (Angelo: Col 1 1, lines 8-16), 

q) wherein the unblocking service stores the UAC and the UBC (Rosenberg: [0072] to [0075]); 

Response to Arguments 

Applicant's arguments, see Remarks, filed 1/13/06, with respect to the 112, first paragraph, 
rejection have been fully considered and are persuasive. Therefore the 112, first paragraph, rejection has 
been withdrawn. 

Applicant's arguments with respect to claim 1 have been considered but are moot in view of the 
new ground(s) of rejection. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the examiner should 
be directed to Kevin Schubert whose telephone number is (571) 272-4239. The examiner can normally 
be reached on M-F 7:30-6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Emmanuel Moise can be reached on (571) 272-3865. The fax phone number for the organization where 
this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be obtained from 
either Private PAIR or Public PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
5 you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) 
at 866-217-9197 (toll-free). 



KS 



EMMANUEL LMOISE 
SUPERVISORY PATENT EXAMINER 
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